Case Sensitiveness and Security
25 Sep 2006 04:35 PM / Filed in: I.T.
Another case of "security" that is getting us nowhere as reported by The Internet Storm Center:
Kaspersky's blog, always a great read, is reporting that there are some "epidemic level" MSN-Worms [...] that "spread using links to .PIF files." They go on to say:
"But some of you might remember that Microsoft blocked messages containing ".pif"?
Yes they have, but... the MS block is case sensitive!
So the criminals used capital letters, ".PIF" and the network filters let the message flow right through. Other variations like .Pif, .pIf, and so on also work."
Fortunately, that was easy to fix (taken today from Kaspersky's blog):
Microsoft has fixed the .PIF 'vulnerability' in their MSN network filters as described in the previous blogpost.
So that's one less thing to worry about.
One is left to wonder how such a trivial thing slipped under the Microsoft security radar...
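
The failure described above, as an added example (not code from Microsoft, Kaspersky or this post): a case-sensitive substring check beside a case-insensitive one, plus a regression check that enumerates every upper/lower-case spelling of each blocked extension. The function names, the blocklist tuple and the sample URL are assumptions made for illustration.

```python
import itertools
import re

# Assumed blocklist for illustration; the post only names ".pif".
BLOCKED_EXTENSIONS = (".pif",)


def naive_filter_blocks(message: str) -> bool:
    """Case-sensitive substring match: the behaviour the post describes."""
    return any(ext in message for ext in BLOCKED_EXTENSIONS)


# One pattern compiled with IGNORECASE, so every case spelling matches.
_BLOCKED_RE = re.compile(
    "|".join(re.escape(ext) for ext in BLOCKED_EXTENSIONS), re.IGNORECASE
)


def fixed_filter_blocks(message: str) -> bool:
    """Case-insensitive match on the same blocklist."""
    return _BLOCKED_RE.search(message) is not None


def case_variants(ext: str):
    """Yield every upper/lower-case spelling of ext (".pif" has 8)."""
    choices = [(c.lower(), c.upper()) if c.isalpha() else (c,) for c in ext]
    for combo in itertools.product(*choices):
        yield "".join(combo)


def missed_variants(filter_fn):
    """Regression check: return the spellings a filter lets through."""
    missed = []
    for ext in BLOCKED_EXTENSIONS:
        for variant in case_variants(ext):
            # Constructed sample message; example.invalid is a reserved name.
            msg = f"look at this http://example.invalid/photo{variant}"
            if not filter_fn(msg):
                missed.append(variant)
    return missed


if __name__ == "__main__":
    print("naive filter misses:", missed_variants(naive_filter_blocks))
    print("fixed filter misses:", missed_variants(fixed_filter_blocks))
```

Running `missed_variants` against a filter as part of its test suite turns "did we remember the case flag?" into a check that fails loudly when any spelling gets through.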